As a blockchain technology follower, I keep excited when seeing more and more use cases on blockchain. Among other aspects, trust is driving this boom. When people increasingly believe the promising future of blockchain, it’s time to ask: Where is the trust coming from? In what aspect are we trusting blockchain?
A Very Quick Overview of Blockchain
Many people percepts blockchain as a type of database, and this is good enough as the beginning. Blockchain is a method of storing data with strong integrity protection, and it is almost impossible to make alteration on the stored data as time goes by.
Data are grouped and stored in a block. Each block is hashed in such a way that any change inside the data is easy to be detected, and therefore invalid. Each block is also linked to the previous such that changing one block (and any data stored inside) fails the blocks thereafter.
While this mathematical magic (cryptography) can be done in one machine (node), blockchain protocol is always distributed: it is executed by multiple nodes. These nodes will agree on the same piece of outcome after a predefined process to reach the consensus.
Variety of Implementations
What is mentioned above is the very basic technical aspect about blockchains. But how to implement this is more important. In the market there are several implementations depending on different situations, and they are bearing various levels of trust.
I roughly divide them into four categories.
The blockchain is owned by an enterprise, and therefore it is also known as enterprise blockchain.
Enterprises are considering blockchain, more on optimizing their existing system and process for cost saving or data protection (e.g. streamlining the process), or creating new types of service (e.g. a database with stronger integrity protection). More and more use cases and proof of concept (POCs) appear nowadays on enterprise use of blockchain.
Different camps are building enterprise blockchain frameworks. The most common one now is Hyperledger Fabric, part of Hyperledger projects hosted by The Linux Foundation. Others are Quorum, Multichain or some vertical pre-built solutions.
Note that all of them are permissioned blockchain, meaning that only those allowed can participate into the operation and use of the blockchain.
All the nodes are owned and maintained by the enterprise. Security measure is therefore determined by them. For example, the enterprise decides how many nodes are running the consensus, and where the nodes are distributed geographically. This determines the level of robustness and against DDoS attacks.
In general their users do not perceive any additional values of blockchain. For example, if a bank is streamlining their backend system with blockchain technology, unless it is reflected by cost reduction to end user, no one is interested whether it is blockchain or not, or whether they do this or not. When a company is offering blockchain-based solution, user only cares the type of service, the company’s reputation and their service level agreement, rather than the term “blockchain”. The trust level is more on the enterprise than the technology.
Another big driver of blockchain use cases is consortium. In general a consortium is formed by a group of business entities of common interests. The formation can be either by same vertical (like insurance industry) or cross-vertical to achieve a business objective (e.g. supply chain management for companies of various types).
They largely adopt existing Enterprise Blockchain frameworks. In the market there are some pre-built solutions for specific verticals. They are still permissioned blockchain, as only consortium members can participate into it.
Every participant in the consortium has the incentive to run and maintain this blockchain as far as they benefit from it. For example, supply chain management gets automation with faster business outcome and business transparency after implementing certain processes on blockchain, which benefits to all participants in the consortium.
Similarly, from user perspective, unless they feel the benefits, they really do not care whether it is blockchain or not. For example, it does not add any values unless users can get insurance claim faster or gain more transparency on the whole process.
But comparatively speaking, users have higher trust on consortium blockchain over enterprise one. Now the blockchain is not kept and maintained by one single party, but by a group of enterprises who have an incentive to maintain its operation. It is believed that a company can modify data for whatever reason, but a consortium is of less chance doing so.
Public blockchain is not owned by anyone, but an agreed rule set (protocol) that every participant is willing to follow.
Famous examples are Bitcoin and Ethereum. Bitcoin has the longest history and is still considered as the most successful and sizeable blockchain implementation.
Public blockchains are permissionless, meaning that everyone can join or leave at any time one wishes. Any new “join” is enhancing the operation of blockchain, while any “leave” doesn’t do much harm on it.
In public blockchain we first see the term decentralization. Not a single organization, be it an enterprise, a consortium or even a government, keeps this blockchain and its operation. No one can shut it down completely, and no individual can take control of it unless one can hold majority of nodes. In this sense we consider public blockchain is even more robust. (Here we are not talking about their value and its volatility. It is determined by the market forces.)
To certain extent, users are trusting public blockchains because of decentralization. Just consider how many digital assets (like tokens) are running in public blockchain platform, and their overall value. These blockchains are believed able to withstand stronger DDoS attack and to avoid manipulation by single party.
Nothing comes free. The use of public blockchains (for example, transferring bitcoins or use of smart contract) comes with cost. It is reflected as transaction fees. Many effort is put to improve this either by reducing transaction fee or by bringing new fee-free technologies.
Smart Contracts on Public Blockchain
Smart contract is a program running on blockchain platform. Contract variables are stored and contract functions are executed inside the blockchain in a deterministic way. Smart contract opens a door of using blockchain in business world. Transaction is executed and enforced according to the code in smart contracts.
Specifically, smart contracts in public blockchain enable a new type of applications (always known as decentralized application or DApp) that provides more robust data storage, being automated yet of strong integrity in managing data. While tokens (or coins) dominate the use of smart contracts, more innovative DApps are coming.
Ethereum by far is the most common platform in which smart contracts are running. Some new platforms are also emerging.
While the platform itself is permissionless and decentralized, and therefore maintains certain level of trust (see above), smart contract itself is not necessarily so. Bear in mind that contract owner (who owns the contract code and deploys the contract on the platform) has the right to implement rules within the contract. From this perspective contracts are not as decentralized as the platform itself. What happens if a contract owner has a backdoor to modify the token he or others own?
Therefore, to gain user’s trust, contract owner always takes additional security measures. As common practice, contract owner opens up the contract code to public or invites audit from third party to enhance their trust level, such that users have more confidence on it. And so do investors.
This article by no means tells which implementation is better than others, as the choice is largely situational. By understanding the level of trusts, users and investors know more what they are dealing with, and decide how much they can trust them.
And application owners, when they try to attract users and customers, need to consider more on the trust level. For example, one common question is whether I should build and run a separate blockchain for my application, or I should leverage the public blockchains. Just “blockchain” itself and its mathematical magic is not convincing enough. How to implement this can make difference for their business.